Fans have turned to their devices to stream games and stay informed about the fate of their teams advancing to the next rounds. Some fans have looked to the “Golden Cup” app to stream data and records from past and present games, not knowing that cybercriminals have also used the app to install spyware on devices of unsuspecting fans. This threat campaign, called Android/FoulGoal.A, looks like a typical sporting app with general information and background around the games. However, in the background and without user consent, the app silently transfers information to cybercriminals, including victims’ phone numbers, installed apps, device model and manufacturer, available internal storage capacity, and more.

Although these apps have now been removed from the Google Play store, McAfee anticipates an increase in cyberattacks around major sporting events and warns fans to be cautious of suspicious links and apps. Fans should keep these tips in mind to ensure devices and data are protected:

Go straight to the source. To avoid phishing attempts and other cyberattacks, always go directly to the provider’s site. If a link or email looks suspicious, avoid opening it. Free tickets and giveaways usually have a catch and are often too good to be true.
Watch with caution. If you want to stream the games, make sure you watch only on dedicated, official channels. Visit the official website to learn where they stream their games and streaming policies. Finally, if you do find a stream for the game you’re looking for, look for the organization’s mark to make sure it’s legitimate.
Be smart when you connect. Avoid connecting to free Wi-Fi networks or Bluetooth-paired devices. It’s best to use a VPN service to ensure you have a connection that helps secure your personal data.